Contents
Contact Technical Support
If you do not find a solution to your problem in the application documentation or other sources of information about the application, it is recommended to contact Technical Support. Technical Support specialists will answer any of your questions about installing and using Kaspersky Endpoint Security.
Kaspersky provides support for Kaspersky Endpoint Security during its life cycle (see the Application life cycle page). Before contacting Technical Support, please read the support rules.
You can contact Technical Support in one of the following ways:
- Visit Technical Support website.
- Submit a request to Kaspersky Technical Support from the Kaspersky CompanyAccount portal.
After you inform Kaspersky Technical Support specialists about the problem, they may ask you to send a trace file or dump file.
Technical Support specialists may also need additionally information about the operating system and running processes on the device, as well as detailed reports on the operation of application components.
While diagnosing the problem, Technical Support specialists may ask you to change the application settings to:
- activate functionality to receive advanced diagnostic information;
- perform more detailed configuration of individual application components that cannot be performed through the standard user interface;
- change settings for storing received diagnostic information;
- to configure the capture and storage of network traffic in a file.
Technical Support specialists will tell you all the information required to perform these actions (the sequence of steps, the settings to change, configuration files, scripts, advanced command line capabilities, debugging modules, special utilities, etc.), as well as the body of information received for diagnostic purposes. The received advanced diagnostic information is stored on the user device. This information is not automatically sent to Kaspersky.
The steps listed above should be performed only with the guidance of Technical Support specialists based on instructions they provide. Independently changing application files using means not described in the application documentation or not recommended by Technical Support specialists may lead to poor performance and failures in the application and operating system, reduced protection, as well as inaccessible and corrupted data.
Technical Support via Kaspersky CompanyAccount
Kaspersky CompanyAccount is a portal for companies that use Kaspersky applications. The Kaspersky CompanyAccount portal is designed to facilitate interaction between users and Kaspersky specialists through online requests. The Kaspersky CompanyAccount portal lets you monitor the progress of electronic request processing by Kaspersky specialists and store a history of electronic requests.
You can register all of your organization's employees under a single account on Kaspersky CompanyAccount. A single account lets you centrally manage electronic requests from registered employees to Kaspersky and also manage the privileges of these employees via Kaspersky CompanyAccount.
The Kaspersky CompanyAccount portal is available in the following languages:
- English
- Spanish
- Italian
- German
- Polish
- Portuguese
- Russian
- French
- Japanese
To learn more about Kaspersky CompanyAccount, visit the Technical Support website.
Page topAbout trace files
A trace file lets you track the step-by-step execution of application commands and detect the stage at which an application error occurs.
Trace files are stored on the device as long as the application is in use, and are deleted permanently when the application is removed. Trace files are not sent to Kaspersky automatically.
Trace files are saved in a human-readable format. It is recommended to protect information from unauthorized access before sending it to Kaspersky.
By default, trace files are stored in the directory /var/log/kaspersky/kesl/. Root privileges are required to access the default trace files directory.
Contents of trace files
All trace files contain the following general data:
- Event time.
- Number of the thread of execution.
- Application component that caused the event.
- Degree of event severity (informational event, warning, critical event, error).
- A description of the event involving command execution by a component of the application and the result of execution of this command.
Trace files may store the following information in addition to general data:
- The statuses of the application components and their operational data.
- Data on user activity in the application.
- Data on the hardware installed on the device.
- Data about all operating system objects and events, including information about user activity.
- Data contained in the objects of the operating system (for example, the contents of files that may contain any user personal data).
- Network traffic data (for example, the contents of the entry fields on a website, which may include bank card information or any other sensitive data).
- Data received from Kaspersky servers (such as the version of the application databases).
Trace files of administration plug-ins
If you are using the Kaspersky Security Center Administration Console to manage the Kaspersky Endpoint Security application, information about events that occur during operation of the MMC administration plug-in may be logged to a trace file of the Kaspersky Endpoint Security MMC plug-in on the device where the Kaspersky Security Center Administration Server is installed. The file name contains the version number of Kaspersky Endpoint Security, file creation date and time, and process ID (PID). This file contains information about the events that occur during MMC plug-in operation, in particular, about the operation of policies and tasks.
In addition to general data, the trace file may contain the following information:
- Personal data, including the last name, first name, and middle name, if such data is part of the path to files.
- The name of the account used to log in to the operating system if the user account name is part of a file name.
By default, trace files of the Kaspersky Endpoint Security MMC plug-in are not created. You can use registry keys to create the MMC plug-in trace file. Contact Technical Support representatives for detailed information on how to create trace files.
All created trace files of the MMC plug-in are located in the folder specified by the user during registry key configuration.
If you use the Kaspersky Security Center Web Console to manage the Kaspersky Endpoint Security application, information about events that occur during operation of the web administration plug-in may be written to the trace files of the web plug-in:
Trace files for the web plug-in are created automatically if logging of Web Console activities is enabled in Web Console Installation Wizard (for more details, refer to the Kaspersky Security Center Help).
Trace files of the web plug-in are stored in the Web Console installation folder in the "logs" subfolder.
Page topAbout dump files
A dump file contains all information about the working memory of Kaspersky Endpoint Security processes at the time when the dump file was created. If required, you can enable the creation of dump files when the application crashes.
You can configure the creation of dump files using the kesl.ini configuration file, as well as in the Kaspersky Endpoint Security policy settings using Kaspersky Security Center Administration Console or Kaspersky Security Center Web Console. By default, dump files are stored in the /var/opt/kaspersky/kesl/common/dumps and /var/opt/kaspersky/kesl/common/dumps-user directories. Root privileges are required to access dump files. The maximum number of dump files is limited.
Depending on the operating system settings, user dump files may not be created. Make sure that the system kernel is configured using sysctl kernel.yama.ptrace_scope=0
.
Dump files are stored on the computer as long as the application is in use, and are deleted permanently when the application is removed. Dump files are not sent to Kaspersky automatically.
Dump files may contain personal data. It is recommended to protect information from unauthorized access before sending it to Kaspersky.
To enable the creation of dump files using the kesl.ini configuration file:
- Stop Kaspersky Endpoint Security.
- Open the /var/opt/kaspersky/kesl/common/kesl.ini file for editing.
- Add the following setting to the [General] section:
CoreDumps=yes
- Start Kaspersky Endpoint Security.